CVE-2025-65946 | RooCodeInc Roo-Code up to 3.26.6 command injection (GHSA-hwm7-w97p-4h8p)

November 22, 2025 Yanac

A vulnerability identified as critical has been detected in RooCodeInc Roo-Code up to 3.26.6. This issue affects some unknown processing. The manipulation leads to command injection.

This vulnerability is listed as CVE-2025-65946. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More

CVE-2025-11935 | With TLS 5.8.2 psk_dhe_ke inadequate encryption
CVE-2025-11934 | wolfSSL up to 5.8.2 CertificateVerify Signature Algorithm Negotiation signature verification